Today the kickstart for building ovirt-appliance sets selinux --permissive, we need to check if it can be changed to enforcing.
This was reverted since engine-setup (firewall-cmd) hangs in selinux when run from cloud-ini (missing transition from cloud_init_t to firewalld_t)
Target release should be placed once a package build is known to fix a issue. Since this bug is not modified, the target version has been reset. Please use target milestone to plan a fix for a oVirt release.
Dropping code change, since this requires a full functional test once done.
Yuval - has a bug been filed against cloud-init for this?
Yes, not by us, though, but it's the same behavior, see bug 1126096
I just noticed that bug 1126096 was reported in 2014, could setenforce 0 or add cloud_init_t to permissive in our cloud-init script ?
Can this move to MODIFIED?
We need a patch in appliance code.
This bugzilla is included in oVirt 4.2.2 release, published on March 28th 2018.
Since the problem described in this bug report should be
resolved in oVirt 4.2.2 release, it has been closed with a resolution of CURRENT RELEASE.
If the solution does not work for you, please open a new bug report.